fix: validate all Credentials and nonces in Authorization Response

[coplat]

Description of change

Previously, the decode_authorization_response function would extract only the inner VerifiableCredentialJwt level of the vp_token. This meant that the "outer" VerifiablePresentationJwt (VP) shell of the token was discarded after decoding.
Because the nonce claim resides on the Presentation layer and not the Credential layer, it was impossible to perform nonce validation in our authorization_request Aggregate.

This PR changes the format of the DecodedVpToken struct to store the full VerifiablePresentationJwt wrapper. The decoding logic has been updated to:

1. Verify the outer VP signature.
2. Verify the inner VC signatures to ensure its integrity.
3. Preserve the outer VP object in the returned struct.

A helper method .validate_nonce() was also added to DecodedVpToken to allow the Aggregate in our ssi-agent to easily extract and validate the nonces from the verified presentations.

Links to any relevant issues

Be sure to reference any related issues by adding fixes issue #.

How the change has been tested

Describe the tests that you ran to verify your changes.
Make sure to provide instructions for the maintainer as well as any relevant configurations.

Definition of Done checklist

Add an x to the boxes that are relevant to your changes.

• I have followed the contribution guidelines for this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes

[codecov-commenter]

Codecov Report

❌ Patch coverage is 37.50000% with 20 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
oid4vp/src/oid4vp.rs	42.85%	16 Missing ⚠️
oid4vci/src/errors.rs	0.00%	4 Missing ⚠️

Files with missing lines	Coverage Δ
oid4vp/src/token/verifiable_presentation_jwt.rs	100.00% <ø> (ø)
oid4vci/src/errors.rs	27.77% <0.00%> (-0.68%)	⬇️
oid4vp/src/oid4vp.rs	68.75% <42.85%> (-10.02%)	⬇️

... and 5 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.